Skip to content

CBMC: Use polyvec_permute contract in polymat_permute proof #1445

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
mkannwischer merged 1 commit into from
Jan 1, 2026
Merged

CBMC: Use polyvec_permute contract in polymat_permute proof #1445

mkannwischer merged 1 commit into from
Jan 1, 2026

Conversation

@mkannwischer
Copy link
Contributor

@mkannwischer mkannwischer commented Jan 1, 2026

The mlk_polymat_permute_bitrev_to_custom was split up into two parts to work around CBMC performance issues when proving it on top of the native backend.
However, it was forgotten to call mlk_polyvec_permute_bitrev_to_custom (which is proven for both the C and native backend) in the mlk_polymat_permute_bitrev_to_custom proof.
As a consequence, mlk_polymat_permute_bitrev_to_custom wasn't actually proven for the native backend, as the C version was inlined. This commit closes that gap by calling it by contract.

@mkannwischer mkannwischer mentioned this pull request Jan 1, 2026
Merged
@mkannwischer mkannwischer marked this pull request as ready for review January 1, 2026 06:33
@mkannwischer mkannwischer requested a review from a team as a code owner January 1, 2026 06:33
@hanno-becker hanno-becker added enhancement New feature or request CBMC bug Something isn't working and removed enhancement New feature or request labels Jan 1, 2026
@hanno-becker
Copy link
Contributor

hanno-becker commented Jan 1, 2026

Very good observation, @mkannwischer. I wonder how we can automatically detect such situations?

@hanno-becker hanno-becker mentioned this pull request Jan 1, 2026
Open
hanno-becker
hanno-becker approved these changes Jan 1, 2026
View reviewed changes
Copy link
Contributor

@hanno-becker hanno-becker left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Astute observation, @mkannwischer. I opened #1446 to track how we could detect such issues in the future.

@mkannwischer @hanno-becker
CBMC: Use polyvec_permute contract in polymat_permute proof
06b0b0f 
The mlk_polymat_permute_bitrev_to_custom was split up into two parts to
work around CBMC performance issues when proving it on top of the native
backend.
However, it was forgotten to call mlk_polyvec_permute_bitrev_to_custom
(which is proven for both the C and native backend) in the
mlk_polymat_permute_bitrev_to_custom proof.
As a consequence, mlk_polymat_permute_bitrev_to_custom wasn't actually proven
for the native backend, as the C version was inlined.
This commit closes that gap by calling it by contract.

Signed-off-by: Matthias J. Kannwischer <[email protected]>
@mkannwischer mkannwischer merged commit 9a81c89 into main Jan 1, 2026
389 checks passed
@mkannwischer mkannwischer deleted the cbmc-polymat-permute branch January 1, 2026 08:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hanno-becker hanno-becker hanno-becker approved these changes

Assignees

No one assigned

Labels

bug Something isn't working CBMC

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@mkannwischer @hanno-becker